ken@FTU

4 exploits Active since Dec 2002
CVE-2002-1847 EXPLOITDB text WRITEUP
Windows Media Player 6.3-7.1 - Buffer Overflow via MP3 Filename Command Line Argument
Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability.
CVE-2002-1731 EXPLOITDB text WRITEUP
IBM OS/400 - Unauthenticated User Enumeration via System Request Menu
The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.
CVE-2002-1529 EXPLOITDB text WORKING POC
SurfControl SuperScout Email Filter - XSS
Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter.
CVE-2002-1530 EXPLOITDB text WRITEUP
SurfControl SuperScout Email Filter - Info Disclosure
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form.